Call Flows: Preserve query string parameters across list and edit pages (#7883)

* Call Flows: Preserve query string parameters across list and edit pages

* Update call_flow_edit.php

* Update call_flows.php

app/call_flows/call_flow_edit.php

@@ -17,7 +17,7 @@
 
 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2008-2025
+	Portions created by the Initial Developer are Copyright (C) 2008-2026
 	the Initial Developer. All Rights Reserved.
 
 	Contributor(s):
@@ -51,6 +51,32 @@
 	$call_flow_description = '';
 	$call_flow_status = '';
 
+// Set variables from GET parameters
+	$page = is_numeric($_GET['page'] ?? '') ? $_GET['page'] : 0;
+	$order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', ($_GET['order_by'] ?? 'call_flow_name'));
+	$order = ($_GET['order'] ?? '') === 'desc' ? 'desc' : 'asc';
+	$search = $_GET['search'] ?? '';
+	$show = $_GET['show'] ?? '';
+
+// Build the query string
+	$param = [];
+	if (!empty($page)) {
+		$param['page'] = $page;
+	}
+	if (!empty($_GET['order_by'])) {
+		$param['order_by'] = $order_by;
+	}
+	if (!empty($_GET['order'])) {
+		$param['order'] = $order;
+	}
+	if (!empty($search)) {
+		$param['search'] = $search;
+	}
+	if (!empty($show) && $show == 'all' && permission_exists('call_flow_all')) {
+		$param['show'] = $show;
+	}
+	$query_string = http_build_query($param);
+
 //action add or update
 	if (!empty($_REQUEST["id"]) && is_uuid($_REQUEST["id"])) {
 		$action = "update";
@@ -107,7 +133,7 @@
 			$token = new token;
 			if (!$token->validate($_SERVER['PHP_SELF'])) {
 				message::add($text['message-invalid_token'],'negative');
-				header('Location: call_flows.php');
+				header('Location: call_flows.php'.($query_string ? '?'.$query_string : ''));
 				exit;
 			}
 
@@ -298,7 +324,7 @@
 				if ($action == "update") {
 					message::add($text['message-update']);
 				}
-				header("Location: call_flows.php");
+				header("Location: call_flows.php".($query_string ? '?'.$query_string : ''));
 				return;
 			}
 	} //(is_array($_POST) && empty($_POST["persistformvar"]))
@@ -445,7 +471,7 @@
 	echo "<div class='action_bar' id='action_bar'>\n";
 	echo "	<div class='heading'><b>".$text['title-call_flow']."</b></div>\n";
 	echo "	<div class='actions'>\n";
-	echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$settings->get('theme', 'button_icon_back'),'id'=>'btn_back','link'=>'call_flows.php']);
+	echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$settings->get('theme', 'button_icon_back'),'id'=>'btn_back','link'=>'call_flows.php'.($query_string ? '?'.$query_string : '')]);
 	echo button::create(['type'=>'submit','label'=>$text['button-save'],'icon'=>$settings->get('theme', 'button_icon_save'),'id'=>'btn_save','style'=>'margin-left: 15px;']);
 	echo "	</div>\n";
 	echo "	<div style='clear: both;'></div>\n";

app/call_flows/call_flows.php

@@ -17,7 +17,7 @@
 
 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2008-2024
+	Portions created by the Initial Developer are Copyright (C) 2008-2026
 	the Initial Developer. All Rights Reserved.
 
 	Contributor(s):
@@ -39,15 +39,36 @@
 	$language = new text;
 	$text = $language->get();
 
-//set additional variables
-	$show = $_GET["show"] ?? '';
+// Set variables from GET parameters
+	$page = is_numeric($_GET['page'] ?? '') ? $_GET['page'] : 0;
+	$order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', ($_GET['order_by'] ?? 'call_flow_name'));
+	$order = ($_GET['order'] ?? '') === 'desc' ? 'desc' : 'asc';
+	$sort = $order_by == 'call_flow_extension' ? 'natural' : null;
+	$search = $_GET['search'] ?? '';
+	$show = $_GET['show'] ?? '';
+
+// Build the query string
+	$param = [];
+	if (!empty($page)) {
+		$param['page'] = $page;
+	}
+	if (!empty($_GET['order_by'])) {
+		$param['order_by'] = $order_by;
+	}
+	if (!empty($_GET['order'])) {
+		$param['order'] = $order;
+	}
+	if (!empty($search)) {
+		$param['search'] = $search;
+	}
+	if (!empty($show) && $show == 'all' && permission_exists('call_flow_all')) {
+		$param['show'] = $show;
+	}
+	$query_string = http_build_query($param);
 
 //set from session variables
 	$list_row_edit_button = $settings->get('theme', 'list_row_edit_button', false);
 
-//get search
-	$search = $_REQUEST['search'] ?? '';
-
 //get posted data
 	if (!empty($_POST['call_flows'])) {
 		$action = $_POST['action'];
@@ -79,17 +100,11 @@
 				break;
 		}
 
-		header('Location: call_flows.php'.($search != '' ? '?search='.urlencode($search) : ''));
+		header('Location: call_flows.php'.($query_string ? '?'.$query_string : ''));
 		exit;
 	}
 
-//get variables used to control the order
-	$order_by = $_GET["order_by"] ?? '';
-	$order = $_GET["order"] ?? '';
-	$sort = $order_by == 'call_flow_extension' ? 'natural' : null;
-
 //add the search term
-	$search = strtolower($search ?? '');
 	if (!empty($search)) {
 		$sql_search = "and (";
 		$sql_search .= "lower(call_flow_name) like :search ";
@@ -101,7 +116,7 @@
 		$sql_search .= "or lower(call_flow_alternate_label) like :search ";
 		$sql_search .= "or lower(call_flow_description) like :search ";
 		$sql_search .= ") ";
-		$parameters['search'] = '%'.$search.'%';
+		$parameters['search'] = '%'.lower_case($search).'%';
 	}
 
 //prepare to page the results
@@ -116,14 +131,8 @@
 
 //prepare to page the results
 	$rows_per_page = $settings->get('domain', 'paging', 50);
-	$param = "&search=".urlencode($search);
-	if ($show == "all" && permission_exists('call_flow_all')) {
-		$param .= "&show=all";
-	}
-	$page = $_GET['page'] ?? '';
-	if (empty($page)) { $page = 0; $_GET['page'] = 0; }
-	list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page);
-	list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true);
+	list($paging_controls, $rows_per_page) = paging($num_rows, $query_string, $rows_per_page);
+	list($paging_controls_mini, $rows_per_page) = paging($num_rows, $query_string, $rows_per_page, true);
 	$offset = $rows_per_page * $page;
 
 //get the list
@@ -182,7 +191,7 @@
 	echo "	<div class='heading'><b>".$text['title-call_flows']."</b><div class='count'>".number_format($num_rows)."</div></div>\n";
 	echo "	<div class='actions'>\n";
 	if (permission_exists('call_flow_add')) {
-		echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$settings->get('theme', 'button_icon_add'),'id'=>'btn_add','link'=>'call_flow_edit.php']);
+		echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$settings->get('theme', 'button_icon_add'),'id'=>'btn_add','link'=>'call_flow_edit.php'.($query_string ? '?'.$query_string : '')]);
 	}
 	if (permission_exists('call_flow_add') && $call_flows) {
 		echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$settings->get('theme', 'button_icon_copy'),'id'=>'btn_copy','name'=>'btn_copy','style'=>'display: none;','onclick'=>"modal_open('modal-copy','btn_copy');"]);
@@ -199,14 +208,14 @@
 		echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$settings->get('theme', 'button_icon_delete'),'id'=>'btn_delete','name'=>'btn_delete','style'=>'display: none;','onclick'=>"modal_open('modal-delete','btn_delete');"]);
 	}
 	echo 		"<form id='form_search' class='inline' method='get'>\n";
-	if (permission_exists('call_flow_all')) {
-		if ($show == 'all') {
-			echo "		<input type='hidden' name='show' value='all'>";
-		}
-		else {
-			echo button::create(['type'=>'button','label'=>$text['button-show_all'],'icon'=>$settings->get('theme', 'button_icon_all'),'link'=>'?type=&show=all'.($search != '' ? "&search=".urlencode($search) : null)]);
+	foreach ($param as $key => $value) {
+		if ($key !== 'search' && $key !== 'page') {
+			echo "		<input type='hidden' name='".escape($key)."' value='".escape($value)."'>\n";
 		}
 	}
+	if ($show !== 'all' && permission_exists('call_flow_all')) {
+		echo button::create(['type'=>'button','label'=>$text['button-show_all'],'icon'=>$settings->get('theme', 'button_icon_all'),'link'=>'?show=all']);
+	}
 	echo 		"<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown=''>";
 	echo button::create(['label'=>$text['button-search'],'icon'=>$settings->get('theme', 'button_icon_search'),'type'=>'submit','id'=>'btn_search']);
 	//echo button::create(['label'=>$text['button-reset'],'icon'=>$settings->get('theme', 'button_icon_reset'),'type'=>'button','id'=>'btn_reset','link'=>'call_flows.php','style'=>($search == '' ? 'display: none;' : null)]);
@@ -234,7 +243,6 @@
 	echo "<form id='form_list' method='post'>\n";
 	echo "<input type='hidden' id='action' name='action' value=''>\n";
 	echo "<input type='hidden' id='toggle_field' name='toggle_field' value=''>\n";
-	echo "<input type='hidden' name='search' value=\"".escape($search)."\">\n";
 
 	echo "<div class='card'>\n";
 	echo "<table class='list'>\n";
@@ -245,17 +253,17 @@
 		echo "	</th>\n";
 	}
 	if ($show == "all" && permission_exists('call_flow_all')) {
-		echo th_order_by('domain_name', $text['label-domain'], $order_by, $order, $param, "class='shrink'");
+		echo th_order_by('domain_name', $text['label-domain'], $order_by, $order, null, "class='shrink'", $query_string);
 	}
-	echo th_order_by('call_flow_name', $text['label-call_flow_name'], $order_by, $order);
-	echo th_order_by('call_flow_extension', $text['label-call_flow_extension'], $order_by, $order);
-	echo th_order_by('call_flow_feature_code', $text['label-call_flow_feature_code'], $order_by, $order);
-	echo th_order_by('call_flow_status', $text['label-call_flow_status'], $order_by, $order);
+	echo th_order_by('call_flow_name', $text['label-call_flow_name'], $order_by, $order, null, null, $query_string);
+	echo th_order_by('call_flow_extension', $text['label-call_flow_extension'], $order_by, $order, null, null, $query_string);
+	echo th_order_by('call_flow_feature_code', $text['label-call_flow_feature_code'], $order_by, $order, null, null, $query_string);
+	echo th_order_by('call_flow_status', $text['label-call_flow_status'], $order_by, $order, null, null, $query_string);
 	if (permission_exists('call_flow_context')) {
-		echo th_order_by('call_flow_context', $text['label-call_flow_context'], $order_by, $order);
+		echo th_order_by('call_flow_context', $text['label-call_flow_context'], $order_by, $order, null, null, $query_string);
 	}
-	echo th_order_by('call_flow_enabled', $text['label-enabled'], $order_by, $order, null, "class='center'");
-	echo th_order_by('call_flow_description', $text['label-call_flow_description'], $order_by, $order, null, "class='hide-sm-dn'");
+	echo th_order_by('call_flow_enabled', $text['label-enabled'], $order_by, $order, null, "class='center'", $query_string);
+	echo th_order_by('call_flow_description', $text['label-call_flow_description'], $order_by, $order, null, "class='hide-sm-dn'", $query_string);
 	if (permission_exists('call_flow_edit') && $list_row_edit_button) {
 		echo "	<td class='action-button'>&nbsp;</td>\n";
 	}
@@ -266,7 +274,7 @@
 		foreach ($call_flows as $row) {
 			$list_row_url = '';
 			if (permission_exists('call_flow_edit')) {
-				$list_row_url = "call_flow_edit.php?id=".urlencode($row['call_flow_uuid']);
+				$list_row_url = "call_flow_edit.php?id=".urlencode($row['call_flow_uuid']).($query_string ? '&'.$query_string : '');
 				if ($row['domain_uuid'] != $_SESSION['domain_uuid'] && permission_exists('domain_select')) {
 					$list_row_url .= '&domain_uuid='.urlencode($row['domain_uuid']).'&domain_change=true';
 				}
@@ -336,4 +344,3 @@
 	require_once "resources/footer.php";
 
 ?>
-